When The Technical Argument Doesn’t Win
Focus on the solutions that work, rather than emotional attacks on individuals
I was just reminded of Galileo today. Thrown in jail for something that was obviously true.
The technical argument often doesn’t matter.
Galileo’s technical argument didn’t win the day. On June 22, 1633, the Church handed down the following order: “We pronounce, judge, and declare, that you, the said Galileo… have rendered yourself vehemently suspected by this Holy Office of heresy, that is, of having believed and held the doctrine (which is false and contrary to the Holy and Divine Scriptures) that the sun is the center of the world, and that it does not move from east to west, and that the earth does move, and is not the center of the world.”
People like to blame the person making the argument, but I think it has more to do with people in power who don’t want to lose their status.
If you see or hear people attacking individuals, rather than the technical merit of what they are trying to explain, please stop for a minute to think about whether your decisions are based on emotions or on a technical analysis of the solution the person is trying to offer.
Try to think critically using your own mind instead of following the herd or a loud voice a or someone who appears to be good at manipulating people — or possibly someone who is afraid of losing their own status like the religious leaders who threw Galileo in jail.
Was Galileo trying to take someone out of power? I doubt it. I presume he just saw something that was inaccurate and was explaining it, but no one would believe him. I imagine he was frustrated by the lack of intellectual integrity demonstrated by the people whom he argued against.
When I hear stories like that of Galileo I think wow, what’s the point of trying to explain anything controversial. It’s really up to the listeners to use critical thinking to discern the facts. And it seems like most of the time people don’t.
One way to tell if you are being swayed by an emotional or factual argument:
If the person is attacking an individual rather than the merits of their argument, then avoid them. They are toxic. Their arguments do not have credible technical merit. They are simply trying to bring another person down rather, likely whom they see as a threat.
I know everyone is trying to help in the cybersecurity industry. I have no problem with anyone technical in cybersecurity. Everyone is working towards better solutions.
But what we still have a long way to go:
That’s just a fact.
The thing I get most annoyed with the money engines pumping out inaccurate messages to make a buck.
I don’t think all the touchy-feely kum bah ya is working. Yes, we need to be nice to people but we still have laws and police officers for a reason.
Also, cybersecurity is very nuanced and complicated. We can make it easier for people to do the right thing by technically preventing blatant security problems so they don’t have to remember 500,000 rules.
People want to tell you it’s ok — you don’t need security reviews. You might not even need a security team! Everyone cheers. Free the developers!
Yeah ok.
When I hear things that are blatantly not going to work and untrue, I get a little annoyed. The people that say these things generally have never managed security at a large financial organization. We need to get back to a true understanding of how attacks work and how we can prevent them. Cheerleading isn’t going to save us.
What will help is if people really understand how the attacks work and how you can configure a system so they don’t.
I’m trying to present some different concepts on this blog I’ve had in my mind for years but trying to better formulate them into a working solution.
And honestly I’ve been having a hard of a time getting the message out through the prior channels I was using. You keep waiting and hoping for something to change but it never does so you have to make a change yourself.
One of the things I changed was writing the software I’m working on and publishing it to GitHub for anyone to see.
I also started writing on this blog more consistently — and it’s practically free. We’ll see how it works out.
Referrals appreciated.
Follow for updates.
Teri Radichel | © 2nd Sight Lab 2024
About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
⭐️ Author: Cybersecurity Books
⭐️ Presentations: Presentations by Teri Radichel
⭐️ Recognition: SANS Award, AWS Security Hero, IANS Faculty
⭐️ Certifications: SANS ~ GSE 240
⭐️ Education: BA Business, Master of Software Engineering, Master of Infosec
⭐️ Company: Penetration Tests, Assessments, Phone Consulting ~ 2nd Sight LabNeed Help With Cybersecurity, Cloud, or Application Security?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
🔒 Request a penetration test or security assessment
🔒 Schedule a consulting call
🔒 Cybersecurity Speaker for PresentationFollow for more stories like this:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
❤️ Sign Up my Medium Email List
❤️ Twitter: @teriradichel
❤️ LinkedIn: https://www.linkedin.com/in/teriradichel
❤️ Mastodon: @teriradichel@infosec.exchange
❤️ Facebook: 2nd Sight Lab
❤️ YouTube: @2ndsightlab
